feature: Enable client certificate rotation by using tls.Config@GetClientCertificate #523
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
|
Lukas Benke seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account. You have signed the CLA already but the status is still pending? Let us recheck it. |
rustatian
added
the
C-enhancement
rustatian
reviewed
May 29, 2024
…ientCertificate instead of building and passing the key pair statically
benkelukas
force-pushed
the
use-get-client-certificate-for-tls
branch
from
1ede8da to
fee8e51
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #523 +/- ##
===========================================
+ Coverage 22.67% 36.49% +13.81%
===========================================
Files 4 13 +9
Lines 269 959 +690
===========================================
+ Hits 61 350 +289
- Misses 206 539 +333
- Partials 2 70 +68 ☔ View full report in Codecov by Sentry. |
|
Thanks, @benkelukas 👍 LGTM, will be released next week with RR v2024.1.3. |
rustatian
approved these changes
May 29, 2024
|
Thanks @rustatian - that's great news! 🎉 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enable client certificate rotation by providing a callback to tls.Config@GetClientCertificate when setting up Temporal connection
Reason for This PR
Closes: #522
Description of Changes
Added a callback for GetClientCertificate to enable client certificate rotation when mTLS connection fails, e.g. after it changes in the referenced cert and key files
License Acceptance
By submitting this pull request, I confirm that my contribution is made under
the terms of the MIT license.
PR Checklist
[Author TODO: Meet these criteria.][Reviewer TODO: Verify that these criteria are met. Request changes if not]git commit -s).CHANGELOG.md.